Nmap Forensics Analysis

Starting Nmap 7.93 ( https://nmap.org ) at 2026-05-05 10:00 CEST Nmap scan report for megacorp.local (10.10.10.50) Host is up (0.045s latency). Not shown: 996 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 3072 9c:81:4e:37:e2:a2:6b:c2:d9:95:48:42:ab:12:44:aa (RSA) 80/tcp open http Apache httpd 2.4.41 ((Ubuntu)) |_http-title: Megacorp Intranet |_http-server-header: Apache/2.4.41 (Ubuntu) | http-enum: | /login.php: Login page | /images/: Potentially interesting directory |_ /secret_backdoor/: Interesting, a hidden directory 443/tcp open ssl/http Apache httpd 2.4.41 ((Ubuntu)) | ssl-enum-ciphers: | TLSv1.2: | ciphers: | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A 2121/tcp open ftp ProFTPD 1.3.5 | ftp-anon: Anonymous FTP login allowed (FTP code 230) | drwxrwxrwx 2 111 113 4096 May 5 09:34 pub MAC Address: 00:0C:29:AB:CD:EF (VMware) Device type: general purpose Running: Linux 4.X|5.X OS CPE: cpe:/o:linux:linux_kernel:5.4 OS details: Linux 4.15 - 5.6 Network Distance: 1 hop Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 12.45 seconds